20 Hits in 6.9 sec

Did we learn from LLC Side Channel Attacks? A Cache Leakage Detection Tool for Crypto Libraries [article]

Gorka Irazoqui, Kai Cong, Xiaofei Guo, Hareesh Khattri, Arun Kanuparthi, Thomas Eisenbarth, Berk Sunar
2017 arXiv   pre-print
This work presents a new tool to verify the correctness of cryptographic implementations with respect to cache attacks.  ...  Our results show that cryptographic code designers are far away from incorporating the appropriate countermeasures to avoid cache leakages, as we found that 50% of the default implementations analyzed  ...  LLC Attacks LLC cache attacks are one of the most dangerous side channel attacks since they do not rely on physical proximity.  ... 
arXiv:1709.01552v1 fatcat:taa6yk3vffdqpibhgzavx2iseq

A Survey of Microarchitectural Side-channel Vulnerabilities, Attacks and Defenses in Cryptography [article]

Xiaoxuan Lou, Tianwei Zhang, Jun Jiang, Yinqian Zhang
2021 arXiv   pre-print
In this paper, we systematize microarchitectural side channels with a focus on attacks and defenses in cryptographic applications.  ...  Side-channel attacks have become a severe threat to the confidentiality of computer applications and systems.  ...  Attack Detection. In addition to prevent side-channel attacks, another direction is to detect the occurrence of side-channel attacks at runtime.  ... 
arXiv:2103.14244v1 fatcat:u35eyivqbngplfa4qrswfsqqti

Software Grand Exposure: SGX Cache Attacks Are Practical [article]

Ferdinand Brasser , Kari Kostiainen System Security Lab, Technische Universität Darmstadt, Germany, Institute of Information Security, ETH Zurich, Switzerland)
2017 arXiv   pre-print
Side-channel information leakage is a known limitation of SGX.  ...  We show that our attacks are more effective than previous cache attacks and harder to mitigate than previous SGX side-channel attacks.  ...  The accessed memory location is effectively hidden from the adversary. For instance, the NaCl library [1] provides such side-channel resilient crypto implementations.  ... 
arXiv:1702.07521v1 fatcat:xqavqyci65e5pi7ybpq5vb4lae

CacheShield: Protecting Legacy Processes Against Cache Attacks [article]

Samira Briongos, Gorka Irazoqui, Pedro Malagón, Thomas Eisenbarth
2017 arXiv   pre-print
Based on this observation, we propose CacheShield, a tool to protect legacy code by monitoring its execution and detecting the presence of cache attacks, thus providing the opportunity to take preventative  ...  We show that hardware performance events of cryptographic routines reveal the presence of cache attacks.  ...  ACKNOWLEDGMENTS Visit of Samira Briongos to Vernam group at Worcester Polytechnic Institute has been supported by a collaboration fellowship of the European Network of Excellence on High Performance and  ... 
arXiv:1709.01795v1 fatcat:myvn7mddonawrietaovilf3ivi

A Compiler Assisted Scheduler for Detecting and Mitigating Cache-Based Side Channel Attacks [article]

Sharjeel Khan, Girish Mururu, Santosh Pande
2020 arXiv   pre-print
In this work, we demonstrate a compiler guided scheduler, Biscuit, that detects cache-based side channel attacks for processes scheduled on multi-tenancy server farms.  ...  Side channel attacks steal secret keys by cleverly leveraging information leakages and can, therefore, break encryption.  ...  The model is passed to an SMT solver to detect leakage areas that can be exploited by side channel attacks.  ... 
arXiv:2003.03850v3 fatcat:whoi3azw7zajhelbabdtz4d7bi

DR.SGX: Hardening SGX Enclaves against Cache Attacks with Data Location Randomization [article]

Ferdinand Brasser , Tommaso Frassetto, Ahmad-Reza Sadeghi System Security Lab, Technische Universität Darmstadt, Germany
2017 arXiv   pre-print
In this paper we propose data location randomization as a novel defensive approach to address the threat of side-channel attacks.  ...  Our solution effectively protects many (but not all) enclaves from cache attacks and provides a complementary enclave hardening technique that is especially useful against unpredictable information leakage  ...  We propose a novel defensive approach called semantic agnostic data randomization as a countermeasure against cache-based side-channel attacks on SGX. • New tool.  ... 
arXiv:1709.09917v1 fatcat:75fxnpqnwvgmnj57jqniokxlvu

Spectre Attacks: Exploiting Speculative Execution [article]

Paul Kocher, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, Yuval Yarom
2018 arXiv   pre-print
timing/side-channel attacks.  ...  This paper describes practical attacks that combine methodology from side channel attacks, fault attacks, and return-oriented programming that can read arbitrary memory from the victim's process.  ...  We would like to thank Intel for their professional handling of this issue through communicating a clear timeline and connecting all involved researchers.  ... 
arXiv:1801.01203v1 fatcat:ye2a4qiqpzhfld32mbrk7whwyi

Real time detection of cache-based side-channel attacks using hardware performance counters

Marco Chiappetta, Erkay Savas, Cemal Yilmaz
2016 Applied Soft Computing  
Cache-based side-channel attacks are increasingly exposing the weaknesses of many cryptographic libraries and tools by showing that, even though the algorithms might be considered strong, their implementations  ...  In this study we analyze three methods to detect cache-based side-channel attacks in real time, preventing or limiting the amount of leaked information.  ...  Acknowledgments We would like to thank the authors of [9] , [10] and [11] for sharing, and assisting us with, the source code of their projects.  ... 
doi:10.1016/j.asoc.2016.09.014 fatcat:iwxde6qjtnhexbj2s2eepuav5a

Util::Lookup: Exploiting key decoding in cryptographic libraries [article]

Florian Sieck, Sebastian Berndt, Jan Wichelmann, Thomas Eisenbarth
2021 arXiv   pre-print
Implementations of cryptographic libraries have been scrutinized for secret-dependent execution behavior exploitable by microarchitectural side-channel attacks.  ...  We present a complete attack, including a broad library analysis, a high-resolution last level cache attack on SGX enclaves, and a fully parallelized implementation of the extend-and-prune approach that  ...  ACKNOWLEDGMENTS The authors thank Nadia Heninger and Christopher Krebs for discussing approaches to integrate −1 into the key-recovery algorithm and the anonymous reviewers for their valuable comments  ... 
arXiv:2108.04600v1 fatcat:2a4gjovzxbfezgvkmal66hrcju

Side-Channel Analysis of SM2

Nicola Tuveri, Sohaib ul Hassan, Cesar Pereida Garcia, Billy Bob Brumley
2018 Proceedings of the 34th Annual Computer Security Applications Conference on - ACSAC '18  
We perform a security review of this implementation, uncovering various deficiencies ranging from traditional software quality issues to side-channel risks.  ...  To assess the latter, we carry out a side-channel security evaluation and discover that the implementation hits every pitfall seen for OpenSSL's ECDSA code in the past decade.  ...  This article is based in part upon work from COST Action IC1403 CRYPTACUS, supported by COST (European Cooperation in Science and Technology).  ... 
doi:10.1145/3274694.3274725 dblp:conf/acsac/TuveriHGB18 fatcat:vztueekdx5ctjiqtfvcoyikcji

Déjà Vu: Side-Channel Analysis of Mozilla's NSS [article]

Sohaib ul Hassan, Iaroslav Gridin, Ignacio M. Delgado-Lozano, Cesar Pereida García, Jesús-Javier Chi-Domínguez, Alejandro Cabrera Aldaya, Billy Bob Brumley
2020 arXiv   pre-print
Recent work on Side Channel Analysis (SCA) targets old, well-known vulnerabilities, even previously exploited, reported, and patched in high-profile cryptography libraries.  ...  In this work, we present another instance of this issue by performing the first library-wide SCA security evaluation of Mozilla's NSS security library.  ...  We thank Tampere Center for Scientific Computing (TCSC) for generously granting us access to computing cluster resources.  ... 
arXiv:2008.06004v1 fatcat:nmushfo5ujg5boynvxumo5dhsy

VC3: Trustworthy Data Analytics in the Cloud Using SGX

Felix Schuster, Manuel Costa, Cedric Fournet, Christos Gkantsidis, Marcus Peinado, Gloria Mainar-Ruiz, Mark Russinovich
2015 2015 IEEE Symposium on Security and Privacy  
VC3 optionally enforces region self-integrity invariants for all MapReduce code running within isolated regions, to prevent attacks due to unsafe memory reads and writes.  ...  We present VC3, the first system that allows users to run distributed MapReduce computations in the cloud while keeping their code and data secret, and ensuring the correctness and completeness of their  ...  Denial-of-service, side-channels, and trafficanalysis attacks are outside the scope of this work.  ... 
doi:10.1109/sp.2015.10 dblp:conf/sp/SchusterCFGPMR15 fatcat:aosg7w2refhi7i3q3uvk7qm374

The Secure Machine: Efficient Secure Execution On Untrusted Platforms [article]

Ofir Shwartz, Yitzhak Birk
2018 arXiv   pre-print
In this work we present the Secure Machine, SeM for short, a CPU architecture extension for secure computing.  ...  We developed Distributed Memory Integrity Trees, a method for enhancing single node integrity trees for preserving the integrity of a distributed application running on an untrusted computing environment  ...  CMP's last level cache (LLC) and the memory interface.  ... 
arXiv:1803.03951v1 fatcat:judqg442wvekdbevambchu3o6i

Semantics-Based Cache-Side-Channel Quantification in Cryptographic Implementations

Alexandra Weber
There are ways to mitigate the leakage of secret information like, e.g., crypto keys through cache side channels.  ...  In this thesis, we propose a suite of program analyses that can provide quantitative security guarantees in the form of reliable upper bounds on the cache-side-channel leakage of a variety of real-world  ...  Recall from Sections 4.6.1 and 4.6.2 that a cache-side-channel attacker might also learn the value of pos_list.  ... 
doi:10.26083/tuprints-00021208 fatcat:pnpnljue6bbunngweh6dyrfhpa

Enclave Computing Paradigm: Hardware-assisted Security Architectures & Applications

Franz Ferdinand Peter Brasser
Preventing side-channel leakage from enclaves in a universal and efficient way is a non-trivial problem. Nevertheless, these deployed TEE solutions enable various novel applications.  ...  However, SGX enclaves face severe threats, in particular side-channel leakage, that can void its security guarantees.  ...  Cache-based Side-Channel Attacks. The first cache-based side-channel attack [308] demonstrated information leakage via L1 cache.  ... 
doi:10.25534/tuprints-00011912 fatcat:2xf7ax7tcvbhrn76cdvcesfj6e
« Previous Showing results 1 — 15 out of 20 results